General
-
Target
071c608a80c84e55ed4ead5e577104ea_JaffaCakes118
-
Size
187KB
-
Sample
241001-x7hn9azfrf
-
MD5
071c608a80c84e55ed4ead5e577104ea
-
SHA1
1dd9194c56acd00e0ea5dabe9555334856a620c0
-
SHA256
4fe2155de6e61665205a522e8fc7c95d25f53362f2e319fcd0993c4ea93bbbad
-
SHA512
25d4486c9352b5223113bbbeab5afc64cdfeb621b43f80aeb64f0400aeca364e91e9a3037e894c1918d5bce8a832d9e035aa77c41f57a9c67cd1c294059c7b62
-
SSDEEP
3072:ZIlbuz5kQLKPTzBPDmrKI/aoMQXw8TDcgMZ4sNgvC8xV1Wu4cTXCrnqAq1l8O:Z6ax+7FDA2QA8T3MOM0bVAhO
Static task
static1
Behavioral task
behavioral1
Sample
071c608a80c84e55ed4ead5e577104ea_JaffaCakes118.jar
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
071c608a80c84e55ed4ead5e577104ea_JaffaCakes118.jar
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
071c608a80c84e55ed4ead5e577104ea_JaffaCakes118
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter (1)
JavaScript (1)
Scheduled Task/Job (1)
Scheduled Task (1)
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Scheduled Task (1)